Cross-Site Scripting Vulnerability in Nivo Slider for Drupal
CVE-2014-8744

Currently unrated

Key Information:

Vendor

Drupal
Status
Nivo Slider
Vendor
CVE Published:
13 October 2014

What is CVE-2014-8744?

A Cross-Site Scripting (XSS) vulnerability exists in the Nivo Slider module for Drupal that permits remote authenticated users with specific permissions to insert arbitrary web scripts or HTML through the image title. This flaw can lead to unauthorized script execution within the user's browser session, compromising the integrity of the web application and potentially exposing sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/57459
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/92009
vdb-entryx_refsource_XF
https://www.drupal.org/node/2221481
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.